Debian Security Advisory

DSA-548-2 imlib -- unsanitised input

Marcus Meissner discovered a heap overflow error in imlib, an imaging
library for X and X11, that could be abused by an attacker to execute
arbitrary code on the victim's machine. The updated packages we have
provided in DSA 548-1 did not seem to be sufficient, which should be
fixed by this update.

For the old stable distribution (woody) this problem has been fixed in
version 1.9.14-2woody3.

For the stable distribution (sarge) this problem has been fixed in
version 1.9.14-16.2.

For the unstable distribution (sid) this problem has been fixed in
version 1.9.14-17 of imlib and in version 1.9.14-16.2 of imlib+png2.